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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address ~ 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

• If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 16 May 2005 , 
2a)n This action is FINAL. 2b)l3 This action is non-final. 

3) 0 Since this application is in condition for allowance except for fomial matters, prosecution as to the merits is 

closed in accordance with the practice under Ex paAfe Quay/e, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) S Claim(s) 1-48 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) H Claim(s) 1-48 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10) IE The drawing(s) filed on 02 September 2004 is/are: a)l3 accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action orforni PTO-152. 

Priority under 35 U.S.C. § 119 

12) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)n All b)n Some * 0)0 None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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Part of Paper No./Mail Date 0605 



DETAILED ACTION 



1 . In response to the previous office action, Applicant has filed two after-final 
amendment, both of which have been entered; a Notice of Appeal; and an Appeal Brief. 
Since the most recent office action, claims 14-23, 25-35, and 37-47 have been 
amended. 

2. In view of the Appeal Brief filed on 16 May 2005, PROSECUTION IS HEREBY 
REOPENED. New grounds of rejection are set forth below. 

To avoid abandonment of the application, Applicant must exercise one of the 
following two options: 

(1 ) file a reply under 37 CFR 1 . 1 1 1 ; or, 

(2) request reinstatement of the appeal. 

If reinstatement of the appeal is requested, such request must be accompanied 
by a supplemental appeal brief, but no new amendments, affidavits (37 CFR 1.130, 
1.131 or 1.132) or other evidence are permitted. See 37 CFR 1,1 93(b)(2). 

3. Claims 1-48 have been examined. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 



Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 
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4. Claims 1-12 and 25-36 are rejected under 35 U.S.C. 101 because tlie claimed 
invention is directed to non-statutory subject matter. 

Claim 1 teaches solely to a set of software modules, with constitutes functional 
descriptive material that is not tangibly embodied. 

Claim 25 teaches to a computer usable medium having program code, but does 
not specify that the program code recited in the limitations are the program code that Is 
on the computer readable medium; moreover, it is being presumed that the term 
"computer usable medium" is equivalent to the term "computer readable medium" as 
defined on p. 15 of Applicant's specification. This definition includes an embodiment on 
carrier waves, which are intangible. Claim inventions in the instant application therefore 
cannot overcome rejections under 35 U.S.C. 101 simply because they are embodied on 
"computer readable media" or "computer usable media." 

Claims 2-12 and 26-36 depend from rejected claims 1 and 25, and include all the 
limitations of those claims, thereby rendering those dependent claims non-statutory. 

Claim Rejections - 35 USC §112 

■ The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 
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5. Claims 10, 22, 34, and 46 are rejected under 35 U.S.C. 112, second paragraph, 
as being indefinite for failing to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. 

Claims 10, 22, 34, and 46 contain the trademark/trade name WINDOWS®. 
Where a trademark or trade name is used in a claim as a limitation to identify or 
describe a particular material or product, the claim does not comply with the 
requirements of 35 U.S.C. 112, second paragraph. See Ex parte Simpson, 218 
USPQ 1020 (Bd. App. 1982). The claim scope is uncertain since the trademark or trade 
name cannot be used properly to identify any particular material or product. A 
trademark or trade name is used to identify a source of goods, and not the goods 
themselves. Thus, a trademark or trade name does not identify or describe the goods 
associated with the trademark or trade name. In the present case, the trademark/trade 
name is used to identify/describe several operating system products and, accordingly, 
the identification/description is indefinite. 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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6. Claims 1-48 are rejected under 35 U.S.C. 103(a) as obvious over U.S. Patent 
No. 5,421,006 to Jablon et al. in view of U.S. Patent No. 6,327,652 to England et al. 

As per claims 1, 2, 4, 7, 13, 14, 16. 19, 25, 26, 28, 31, 37, 38, 40, and 43, the 
system integrity scheme disclosed by Jablon includes the use of keys (using encryption) 
for each program level, including parts of the operating system, for protecting (a usage 
protector) a subset of the operating system's environment (see column 16, lines 36-44 
and column 1 9, lines 28-44). The subset of the operating system that is loaded to the 
lowest level constitutes an OS nub. Jablon's environment is directed towards security 
and thus constitutes a secure platform (see column 1, lines 10-16). 

Though each level's private key is employ the level's MDC (which is unique) and 
the public key of a trusted authority (the BKO) and stored and retrieved as a signature, 
the MDC does not constitute a key; therefore Jablon does not disclose either a unique 
key for each program portion or a key generator. 

England discloses a key generator (see column 7, lines 45-62) that creates 
unique keys for each targeted program (see column 17, lines 1-18), and further 
suggests that it is necessary to keep keys secret from other OS's or other system level 
software (see column 16, lines 50-55). 

Therefore it would have been obvious to one of ordinary skill in the art at the time 
the invention was made to modify the invention of Jablon by using a key generator to 
generate unique keys for each program, such as the OS nub, as disclosed by England, 
as it is necessary to keep keys secret from other OS's or other system level software. 



Application/Control Number: 09/540,946 Page 6 

Art Unit: 2134 

Though Jablon's exemplary embodiment employs a ringless operating system, 
DOS, the invention disclosed by Jablon would clearly work with a ringed system; 
moreover, Jablon discloses that the invention may be used with other operating 
systems (see column 10, lines 23-24) and specifically notes a ringed operating system, 
UNIX, that would benefit from the Jablon's invention (see column 3, lines 12-23). The 
claimed invention is therefore anticipated by Jablon. 

Alternatively, it is also noted that Jablon only discloses a ringless embodiment 
(using DOS), though the invention may be used with other operating systems (see 
column 10. lines 23-24). 

Jablon notes that UNIX, despite its ringed architecture, needs additional 
protection, as preventing root access is a well-known security problem of the system 
(see column 3, lines 12-23). 

Therefore, it would have been obvious to one having ordinary skill in the art at 
the time the invention was made to implement the invention disclosed by Jablon in a 
ringed operating system, such as UNIX, as preventing root access is a well-known 
security problem of the system. 

As per claims 3, 15, 27, and 39, Jablon discloses that the MDC may be a hash 
value (see column 5, lines 44-47). 

As per claims 5, 17, 29, and 41, a second hash is computed and compared to the 
original for verification (see column 19, lines 39-44). 

As per claims 6, 18, 30, and 42, a layer of the OS, the login file may be stored 
encrypted, and decrypted for verification (see column 22, lines 47-56). 



Application/Control Number: 09/540,946 Page 7 

Art Unit: 2134 

As per claims 8, 20, 32, and 44, a list of programs (the manifest) may be kept, 
with all the above-mentioned integrity information (see column 17, line 48 to column 18, 
line 24). 

As per claims 9, 21 , 33, and 45, the invention uses a latch to protect the system 
from untrusted software (isolated execution) (see abstract). 

Regarding claims 10, 22, 34, and 46, Jablon discloses the use of DOS on a PC, 
and notes that the invention may be used with many other operating systems (see 
column 10, lines 18-24). Windows 3.1, NT 3.51, and Windows 95 run atop DOS, and 
therefore are encompassed by the invention. 

Regarding claims 11, 23, 35, and 47, the list of programs encompasses all of the 
programs running at the level immediately below a program. The level immediately 
below the operating system (DOS) is defined by the registry, and there therefore exists 
such a list. 

As per claim 12, 24, 36, and 48, BKO may also come from the boot record, which 
is at the highest level, which may include a random element calculated during the 
bootup sequence (see column 15, lines 1-9). 

Double Patenting 

The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. See In re Goodman, 1 1 
F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 
USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 
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1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970);and, In re Thorington, 
418 F.2d 528. 163 USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1 .321 (c) may be 
used to overcome an actual or provisional rejection based on a nonstatutory double 
patenting ground provided the conflicting application or patent is shown to be commonly 
owned with this application. See 37 CFR 1.130(b). 

Effective January 1 , 1 994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 



7. Claims 1 -48 are provisionally rejected under the judicially created doctrine of 
obviousness-type double patenting as being unpatentable over claims 1-8, 10-20, 22- 
32, 34^4, and 46-48 of copending Application No. 09/668,610. Although the conflicting 
claims are not identical, they are not patentably distinct from each other because all of 
the limitations of the instant application exist, or are inherent in, the claims of the '610 
application. 

This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 



Response to Arguments 



8. Applicant's arguments with respect to claims 1-48 have been considered but are 
moot in view of the new ground(s) of rejection. 

Regarding Applicant's first argument, that Jablon does not teach a ring hierarchy, 
a ringed architecture, as depicted in Figure 1 A of the instant application, with respect to 
a computer operating is one in which programs and data are encapsulated in one of a 
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plurality of levels, where programs in any one level are disabled from accessing the 
memory contained within a lower-numbered ring; the programs and data of the lower 
ring may only be accessed via predefined system calls. 

The exemplary embodiment disclosed by Jablon is implemented in PC DOS, an 
operating system that is implemented, for example, on an Intel 8088 microprocessor. 
Since the 8088 on a PC has an architecture such that any program on the computer 
may access any memory location without restriction, it is impossible to design an 
invention for this platform that completely restricts memory access to any particular 
region; because of this, a ringed architecture, which serves to regulate communication 
among various regions, cannot be implemented. Since there is no means in the 
processor to restrict access, the greatest benefit of Jablon's invention, which uses 
encryption to regulate access between different designated regions, would be realized 
in such an environment. It is for this reason that Jablon chose an operating system 
native to a PC for the exemplary embodiment. As has been noted in the Office actions, 
Jablon also specifically notes that this invention is applicable to other operating systems 
(see Jablon, column 10, lines 19-24, as well as column 1, lines 34-42). 

Nonetheless, since the raison d'etre for a ringed architecture is the prohibition of 
computer accesses to more secure areas, one skilled in the art would see that any 
mechanism that is operable among the hierarchical rings in a ringed architecture and 
offers greater security in inter-ring accessing would also be advantageous. Jablon noted 
as much in discussing UNIX (see Jablon, column 3, lines 12-23), specifically noting that, 
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despite UNIX's ringed architecture, unauthorized accesses remain a well-known 
problem of the system. 

Though it is stated that Jablon's invention is only intended for systems lacking a 
"strong protection architecture," as Applicant has noted, it must be concluded from 
Jablon's observations pertaining to UNIX's security flaws that Jablon does not consider 
UNIX's protection architecture to be "strong." 

It is therefore the case that, although the invention disclosed by Jablon is 
described in terms of a DOS environment, Jablon also intended to apply the invention to 
a ringed operating system such as UNIX, and Applicant's claims are thus obvious in 
view of the added benefits to a ringed architecture, such as UNIX, that Jablon has 
explicitly recognized. 

Regarding Applicant's argument that Jablon's invention would not work with a 
ringed system, it is noted that since a ring is an abstraction of a system in which 
accesses to a region is restricted to programs in that region or those in more secure 
regions, any invention that similarly restricts program access is mappable onto a ringed 
architecture. Jablon's invention, as cited in the final office action, does this. 

Regarding Applicant's argument that Jablon's invention does not teach to a 
secure platform, any invention performing the claimed process, including Jablon's, must 
inherently run on a secure platform. Properties that make a platform secure are 
repeatedly recited by Jablon (see column 1, lines 10-18, for example) to such an extent 
that any discussion addressing as to whether or not this constitutes a "secure platform" 
would simply be redundant. 
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Regarding Applicant's argument that Jablon does not disclose an 
operating system nub, it is noted that the term "operating system nub" is not well-known 
in the art. Based on Applicant's specification (see p. 7, lines 13-17), it is being 
presumed that this term refers to that portion of the operating system that resides in the 
most secure ring of the architecture. Since Jablon's invention deploys portions of the 
operating system in hierarchically secure areas, that part of the operating system that is 
loaded into Jablon's most secure area therefore constitutes an operating system nub. 

Conclusion 



9. Due to the new grounds of rejection in this action, this action is non-final. 

1 0. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Matthew E. Heneghan, whose telephone number is 
(571) 272-3834. The examiner can normally be reached on Monday-Friday from 8:30 
AM - 4:30 PM Eastern Time. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse, can be reached at (571) 272-3838. 

Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks 
P.O. Box 1450 
Alexandria, VA 22313-1450 
Or faxed to: 

(571)273-3800 
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Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (571) 272- 
2100. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (BBC) at 866-217-9197 (toll-free). 



August 5, 2005 



MEH 





